Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

News & Updates

December 21, 2012

NIST announces the release of Special Publication 800-38F, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping. This publication describes cryptographic methods for the protection of the...

December 21, 2012

NIST announces the public comment release of Draft Interagency Report (IR) 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation. This publication explains selected security challenges involving...

December 6, 2012

NIST Interagency Report (IR) 7298 Revision 2, NIST Glossary of Key Information Security Terms is the latest revision of the NIST Information Security Glossary and Information Assurance Glossary. 

November 30, 2012

NIST announces the release of NIST Interagency Report (NISTIR) 7817, A Credential Reliability and Revocation Model for Federated Identities. NISTIR 7817 describes and classifies the different types of identity...

November 16, 2012

NIST opened a public "SHA-3" competition in November 2007 to develop a new cryptographic hash algorithm. On October 2, 2012, NIST announced Keccak as the winner and the new SHA-3 algorithm.

November 16, 2012

NIST announces the completion of NIST Special Publication (SP) 800-133, Recommendation for Cryptographic Key Generation. It discusses the generation of the keys to be used with NIST-approved cryptographic...

November 13, 2012

This report (NISTIR 7878) describes measures of combinatorial coverage that can be used in evaluating the degree of t-way coverage of any test suite, regardless of whether it was initially constructed for ...

November 9, 2012

Links to keynote presentations on Emerging Risk Management and Cyber Security Strategies are available at

November 8, 2012

Status Update on NIST Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations 

October 19, 2012
Federal Register Number: 2012-25826

The National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) invites interested U.S. companies to submit letters of interest in…

October 3, 2012

NIST announced KECCAK as the winner of the SHA-3 Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm in a press release issued on October 2, 2012. KECCAK was designed by...

September 28, 2012

Draft NIST Interagency Report (IR) 7511 Revision 3, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements, describes the requirements that must be met by products to achieve SCAP...

September 18, 2012

The National Institute of Standards and Technology (NIST) announces the release of the final version of its updated risk assessment guideline, Special Publication 800-30, Revision 1, Guide for Conducting Risk...

September 18, 2012

NIST Interagency Report (IR) 7874, Guidelines for Access Control System Evaluation Metrics, has been released as final. This report provides Federal agencies with background information on access control (AC...

September 13, 2012

The Baltimore Information Systems Security Association Chapter would like to invite you to their Third Annual InfoSec Summit. We are holding the event at the National Institute of Standards and Technology (NIST...

September 6, 2012

NIST announces the release of Draft Special Publication 800-88 Revision 1, Guidelines for Media Sanitization for public review and comment. SP 800-88 discussed methods, techniques and best practices for the...

September 5, 2012

NIST announces the public comment release of draft NIST Special Publication (SP) 800-40 Revision 3, Guide to Enterprise Patch Management Technologies. Patch management is the process for identifying, acquiring...

September 5, 2012

NIST is Proud to Announce the Release of 2 DRAFT Publications: Special Publication 800-90 B, Recommendation for the Entropy Sources Used for Random Bit Generation -- AND -- Special Publication 800-90C, ecommendation for...

August 30, 2012
Federal Register Number: 2012-21461

NIST seeks additional comments on specific sections of the 2009 Draft Federal Information Processing Standard 140-3, Security Requirements for Cryptographic Modules… Comments were due October 1, 2012.

August 24, 2012

NIST announces the release of Special Publication 800-107, Revision 1, Recommendation for Using Approved Hash Algorithms. In this revision, the security properties of SHA-512/224 and SHA-512/256 are addressed...

August 23, 2012

Earlier this year the President signed a Memorandum issuing the Digital Government Strategy, which was designed to build a 21st Century digital government that delivers better services to the American people. The strategy...

August 20, 2012

NIST announces the release of draft revision of Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography. 

August 8, 2012

NIST is developing a draft Special Publication 800-152 that will be entitled "A Profile for U. S. Federal Cryptographic Key Management Systems (CKMS)". This Profile will be based on the Special Publication 800...

August 8, 2012

Special Publication 800-61 Revision 2 seeks to assist organizations in mitigating the risks from computer security incidents by providing practical guidelines on responding to incidents effectively and efficiently. It...

July 26, 2012

In order to facilitate the development of applications and middleware that support the Personal Identity Verification (PIV) Card, the National Institute of Standards and Technology (NIST) has developed a set of test PIV...

July 25, 2012

NIST CSD is Proud to Announce the Release of 2 Draft Special Publications: Draft Special Publication 800-83 (SP) Revision 1, Guide to Malware Incident Prevention and Handling for Desktops and Laptops AND Draft Special...

July 10, 2012
Federal Register Number: 2012-16727

The National Institute of Standards and Technology (NIST) seeks comments on Draft NISTIR 7823, Advanced Metering Infrastructure Smart Meter Upgradeability…

July 10, 2012

NIST announces the completion of Revision 3 of Special Publication (SP) 800-57, Part 1, Recommendation for Key Management, Part 1: General. This publication contains basic key management guidance, ...

July 10, 2012

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7823, Advanced Metering Infrastructure Smart Meter Upgradeability Test Framework. Draft NISTIR 7823 proposes an example test...

July 10, 2012

NIST announces the public comment release of Draft Special Publication (SP) 800-124 Revision 1, Guidelines for Managing and Securing Mobile Devices in the Enterprise. The purpose of this publication is to help...

July 9, 2012
Federal Register Number: 2012-16725

The National Institute of Standards and Technology (NIST) announces the Revised Draft Federal Information Processing Standard (FIPS) Publication 201-2, “Personal Identity Verification of Federal Employees and Contractors,”...

July 9, 2012

NIST Interagency Report (IR) 7864, The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities, has been released as final. This report proposes a specification for CMSS, a set of...

July 9, 2012

The NIST Computer Security Division is pleased to release the Revised Draft Federal Information Processing Standard (FIPS) 201-2, Personal Identity Verification of Federal Employees and Contractors. The Revised...

June 12, 2012

NIST announces the final release of Special Publication (SP) 800-121 Revision 1, Guide to Bluetooth Security. It describes the security capabilities of technologies based on Bluetooth, which is an open standard...

June 6, 2012

NIST is hosting the National Cybersecurity Center of Excellence (NCCoE) Workshop on June 26, 2012 to introduce the Center to the public. The Center plans to bring together industry, government and business communities...

May 29, 2012

The final version of NIST Special Publication 800-146, Cloud Computing Synopsis and Recommendations is NIST's general guide to cloud computing. It explains cloud systems in plain language and provides...

May 8, 2012

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7848, Specification for the Asset Summary Reporting Format 1.0. NISTIR 7848 defines the Asset Summary Reporting (ASR) format...

May 1, 2012
Federal Register Number: 2012-10437

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, May 30, 2012 - Friday, June 1, 2012. All sessions will be open to the public.

April 10, 2012
Federal Register Number: 2012-8573

The National Institute of Standards and Technology (NIST) requests comments on revisions to Federal Information Processing Standard (FIPS) 186-3,…

April 10, 2012

NIST requests comments on proposed changes to Federal Information Processing Standard 186-3, the Digital Signature Standard. The Federal Register Notice requests that electronic comments be sent by May 25, 2012 ...

March 23, 2012

NIST announces the second public draft of NIST Interagency Report (NISTIR) 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems. This publication is intended to provide a wide...

March 8, 2012

NIST announces the markup version of NIST Special Publication 800-53, Revision 4 (Initial Public Draft), Security and Privacy Controls for Federal Information Systems and Organizations. 

March 6, 2012
Federal Register Number: 2012-5400

This notice announces the Secretary of Commerce's approval of Federal Information Processing Standard (FIPS) 180-4, Secure Hash Standard (SHS).

February 28, 2012

NIST announces the Initial Public Draft of Special Publication (SP) 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations. Special Publication 800-53, Revision 4...

February 21, 2012

NIST announces the final release of Special Publication (SP) 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs). The purpose of this publication is to provide organizations with recommendations...

February 3, 2012

NIST is pleased to announce the release of a report by the University of Maryland's Supply Chain Management Center. The report, which stems from a NIST grant, inventories existing ICT supply chain initiatives and...

February 1, 2012

NIST announces the public comment release of draft Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide. It seeks to assist organizations in mitigating the risks from computer...

January 22, 2012

NIST is pleased to announce the release of Special Publications (SP): SP 800-144, Guidelines on Security and Privacy in Public Cloud Computing. SP 800-144 provides an overview of the security and ...

January 18, 2012

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7817, A Credential Reliability and Revocation Model for Federated Identities. NISTIR 7817 investigates credential and attributes...